github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 17:03:13 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
4e4844f4db
discourse/spec/requests
History
Penar Musaraj 102909edb3 FEATURE: Add support for secure media (#7888) 
This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 

A few notes: 

- the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
- the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
- upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
- when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
- when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-18 11:25:42 +10:00
..
admin UX: instead of total user count display only the count of users going to be affected. 2019-11-18 00:09:38 +05:30
about_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
application_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
associate_accounts_spec.rb SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
badges_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
categories_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
category_hashtags_controller_spec.rb DEV: avoid double sign-in which can lead to flaky tests 2019-06-03 10:15:49 +10:00
clicks_controller_spec.rb DEV: Fix failling test. 2019-05-07 11:19:13 +03:00
composer_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
composer_messages_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
csp_reports_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
directory_items_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
draft_controller_spec.rb FIX: under some conditions draft would say it was saving when not 2019-10-31 17:15:58 +11:00
drafts_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
email_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
embed_controller_spec.rb FEATURE: Overhaul of admin API key system (#8284) 2019-11-05 14:10:23 +00:00
exceptions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
export_csv_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
extra_locales_controller_spec.rb FIX: Better error handling for invalid locale bundle versions 2019-11-11 22:30:32 +01:00
finish_installation_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
forums_controller_spec.rb FIX: Don't use DistributedCache to store redis readonly state 2019-06-25 11:20:34 +08:00
groups_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
inline_onebox_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
invites_controller_spec.rb UX: update invite 'not found' message 2019-07-19 16:39:44 +05:30
list_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
metadata_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
notifications_controller_spec.rb DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
offline_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
omniauth_callbacks_controller_spec.rb FEATURE: Use full page redirection for all external auth methods (#8092) 2019-10-08 12:10:43 +01:00
onebox_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
permalinks_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
post_action_users_controller_spec.rb More prefabrication 2019-05-10 08:34:04 -04:00
post_actions_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
post_readers_controller_spec.rb FIX: Don't show bots as post readers 2019-11-14 17:53:52 -03:00
posts_controller_spec.rb FEATURE: Overhaul of admin API key system (#8284) 2019-11-05 14:10:23 +00:00
push_notification_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
reviewable_claimed_topics_controller_spec.rb More prefabrication 2019-05-10 08:34:04 -04:00
reviewables_controller_spec.rb FEATURE: Filter reviewables by date range (#8354) 2019-11-15 15:29:59 -03:00
robots_txt_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
safe_mode_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
search_controller_spec.rb FEATURE: Allow scoping search to tag (#8345) 2019-11-14 10:40:26 +10:00
session_controller_spec.rb FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099) 2019-10-01 19:08:41 -07:00
similar_topics_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
site_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
static_controller_spec.rb DEV: Upgrade Discourse to Rails 6 (#8083) 2019-09-12 10:41:50 +10:00
steps_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
stylesheets_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
svg_sprite_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
tag_groups_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
tags_controller_spec.rb FIX: TopicQuery doesn't react well to subcategories without definitions 2019-11-02 08:34:43 +00:00
theme_javascripts_controller_spec.rb DEV: Prefabrication (test optimization) (#7414) 2019-05-07 13:12:20 +10:00
topics_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
uploads_controller_spec.rb FEATURE: Add support for secure media (#7888) 2019-11-18 11:25:42 +10:00
user_actions_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_api_keys_controller_spec.rb bug: keep query params present in auth_redirect (#7923) 2019-07-23 12:16:03 -04:00
user_avatars_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
user_badges_controller_spec.rb DEV: improve usability of subfolder specs 2019-11-15 16:48:24 +11:00
users_controller_spec.rb FIX: Badge and user title interaction fixes (#8282) 2019-11-08 15:34:24 +10:00
users_email_controller_spec.rb FIX: Confirm new email with backup codes enabled 2019-11-14 16:27:42 -07:00
webhooks_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
wizard_controller_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00